Monero developers have revealed nine security flaws, and one of them can be exploited to steal XMR from cryptocurrency exchanges.
Two critical Monero bugs discovered
“By mining a specially crafted block, that still passes daemon verification an attacker can create a miner transaction that appears to the wallet to include sum of XMR picked by the attacker. It is our belief that this can be exploited to steal money from exchanges,” a developer with the pseudoname “cutcoin” stated in the HackerOne report.
The developers have also discovered five DoS attack vectors, and they labeled one of them as a critical issue.
Another security flaw was discovered concerning CryptoNote, an application layer used in the Monero ecosystem to increase the privacy of the transactions.
You're right, $BTC isn't anonymous…
…that's where the #cryptonote protocol comes in. It's P2P code is being re-engineered for speed and scale by the #RyoCurrency dev team that brought fair #Monero mining to the masses with xmr-stak software. 😏 https://t.co/cPcSQAg4eW
— Ryo_Currency (@RyocurrencyO) July 4, 2019
If hackers have managed to exploit this bug, they would be able to take Monero nodes down using a method that includes the malicious request of large amounts of blockchain data from the cryptocurrency’s network.
“If you have quite a big blockchain (with long history like Monero […]), then you can push a protocol request that will call all of its blocks from another node, which could be hundreds of thousands of blocks. Preparing such a response can take a lot of resources. Eventually, the OS might kill it due to the huge memory consumptions, which is typical of Linux systems,” the vulnerability’s discoverer, Andrey Sabelnikov, told Hard Fork.
According to Sabelnikov, other crypto projects who are utilizing CryptoNote could be affected by the security flaw.
Another issue developers have found is the leaking of uninitialized memory. According to the report, uninitialized memory is never literally uninitialized. Therefore, it contains sensitive data, such as cryptographic and private information.
Flaws were not exploited
The developers reported the majority of the flaws approximately four months ago with eight vulnerabilities being patched in the meantime and the ninth one remaining undisclosed.
While two of the nine flaws were labeled as critical by the developers, it should be noted that these are all “proof of concepts” and there’s no sign that anyone has managed to exploit the bugs.
Last year, CCN reported that Monero developers have successfully patched a bug in September that could have put both cryptocurrency exchanges and merchants at risk.
By sending a series of payments to a single stealth address belonging to a cryptocurrency exchange or merchant and exploiting a bug in the Monero wallet software, hackers would have been able to “burn” cryptocurrency exchange deposits.
However, this issue was also a “proof of concept” and never had any real consequences.